Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:11072
HistoryJan 17, 2006 - 12:00 a.m.

[SA15907] Mozilla Thunderbird Attachment Spoofing Vulnerability

2006-01-1700:00:00
vulners.com
4
JSON

TITLE:
Mozilla Thunderbird Attachment Spoofing Vulnerability

SECUNIA ADVISORY ID:
SA15907

VERIFY ADVISORY:
http://secunia.com/advisories/15907/

CRITICAL:
Less critical

IMPACT:
Spoofing, System access

WHERE:
>From remote

SOFTWARE:
Mozilla Thunderbird 1.x
http://secunia.com/product/4652/

DESCRIPTION:
Secunia Research has discovered a vulnerability in Thunderbird, which
can be exploited by malicious people to trick users into executing
arbitrary programs.

The vulnerability is caused due to attachments not being displayed
correctly in mails. This can be exploited to spoof the file extension
and the associated file type icon via a combination of overly long
filenames containing whitespaces and "Content-Type" headers not
matching the file extension.

Successful exploitation may lead to malware being saved to e.g. the
desktop.

NOTE: Attachments can be saved by dragging the attachment, or using
the "Save As…" or "Save All…" functionality. For files on the
desktop, the icon can be spoofed if it e.g. is a ".exe" or ".lnk"
file.

The vulnerability has been confirmed in versions 1.0.2, 1.0.6, and
1.0.7. Other versions may also be affected. Only the Microsoft
Windows platform is affected.

SOLUTION:
Update to version 1.5.
http://www.mozilla.com/thunderbird/

PROVIDED AND/OR DISCOVERED BY:
Andreas Sandblad, Secunia Research.

ORIGINAL ADVISORY:
Secunia Research:
http://secunia.com/secunia_research/2005-22/advisory/

OTHER REFERENCES:
https://bugzilla.mozilla.org/show_bug.cgi?id=300246

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

JSON